Lucene search
K

264 matches found

NVD
NVD
added 2016/10/05 10:59 a.m.18 views

CVE-2016-6420

Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...

6.8CVSS6.3AI score0.01837EPSS
Exploits0References3
OSV
OSV
added 2016/10/05 10:59 a.m.3 views

CVE-2016-6420

Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...

6.5CVSS5.8AI score0.01837EPSS
Exploits0References3
Prion
Prion
added 2016/10/05 10:59 a.m.13 views

Authorization

Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...

6.8CVSS6.8AI score0.01837EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/10/05 10:0 a.m.48 views

CVE-2016-6420

CVE-2016-6420 affects Cisco FireSIGHT System Software used by Firepower Management Center (FMC) versions 4.10.3–5.4.0. The vulnerability is due to improper authorization checks in the FMC web framework, allowing remote authenticated users to bypass authorization and gain elevated privileges via a...

6.8CVSS6.2AI score0.01837EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/10/05 10:0 a.m.21 views

CVE-2016-6420

Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467...

6.2AI score0.01837EPSS
Exploits0References3
CNVD
CNVD
added 2016/09/29 12:0 a.m.4 views

Cisco Firepower Management Center and FireSIGHT System Cross-Site Request Forgery Vulnerability

Cisco Firepower Management Center and FireSIGHT System Software are both management center software from Cisco USA. A cross-site request forgery vulnerability exists in Cisco Firepower Management Center and FireSIGHT System Software. A remote attacker could exploit this vulnerability to perform...

8.8CVSS6.9AI score0.00629EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/09/29 12:0 a.m.18 views

Cisco FireSIGHT System Software Privilege Escalation Vulnerability

A vulnerability in the web framework of the Cisco Firepower Management Center running on Cisco FireSIGHT System Software could allow authenticated, remote attackers to elevate privileges to access data outside their roles. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be...

6.8CVSS6.5AI score0.01837EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/09/29 12:0 a.m.18 views

Cisco FireSIGHT System Software Cross-Site Request Forgery Vulnerability

A cross-site request forgery CSRF vulnerability for Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to execute unwanted actions. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

8.8CVSS9.1AI score0.00629EPSS
Exploits0References1
Cisco
Cisco
added 2016/09/28 4:0 p.m.44 views

Cisco Firepower Management Center and FireSIGHT System Software Cross-Site Request Forgery Vulnerability

A cross-site request forgery CSRF vulnerability for Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of CSRF protections by an affected device. An attacker could...

4.3CVSS9.1AI score0.00629EPSS
Exploits0References1
NVD
NVD
added 2016/09/24 1:59 a.m.13 views

CVE-2016-6411

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...

7.5CVSS7.4AI score0.00749EPSS
Exploits0References2
OSV
OSV
added 2016/09/24 1:59 a.m.4 views

CVE-2016-6411

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...

7.5CVSS5.8AI score0.00749EPSS
Exploits0References2
Prion
Prion
added 2016/09/24 1:59 a.m.15 views

Design/Logic Flaw

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...

5CVSS7.1AI score0.00749EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/09/24 1:0 a.m.19 views

CVE-2016-6411

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585...

7.4AI score0.00749EPSS
Exploits0References2
CVE
CVE
added 2016/09/24 1:0 a.m.50 views

CVE-2016-6411

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 are affected by CVE-2016-6411, where the system mishandles comparisons between URLs and X.509 certificates, due to lack of verification of HTTP URL input against the SSL certificate. This allows an unauthenticated, remote attac...

7.5CVSS7.4AI score0.00749EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/09/24 12:0 a.m.4 views

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability (CNVD-2016-08193)

Cisco Firepower Management Center and FireSIGHT System Software are management center software from Cisco USA. A security vulnerability exists in Cisco Firepower Management Center and Cisco FireSIGHT System that allows an attacker to bypass configured SSL inspection rules with a specially crafted...

7.5CVSS6.8AI score0.00749EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/09/22 12:0 a.m.19 views

Cisco FireSIGHT System Software SSLIinspection Bypass Vulnerability

A vulnerability in SSL inspection for Cisco FireSIGHT System software could allow an unauthenticated, remote attacker to bypass configured do-not-decrypt rules in the SSL policy rule set. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources...

7.5CVSS7.7AI score0.00749EPSS
Exploits0References1
Cisco
Cisco
added 2016/09/21 4:0 p.m.40 views

Cisco Firepower Management Center and FireSIGHT System Software SSLIinspection Bypass Vulnerability

A vulnerability in SSL inspection for Cisco Firepower Management Center and Cisco FireSIGHT System software could allow an unauthenticated, remote attacker to bypass configured do-not-decrypt rules in the SSL policy rule set. The vulnerability is due to lack of verification of the user input...

5CVSS7.5AI score0.00749EPSS
Exploits0References1
NVD
NVD
added 2016/09/12 10:59 a.m.23 views

CVE-2016-6396

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482...

5.3CVSS5.3AI score0.01244EPSS
Exploits0References3
OSV
OSV
added 2016/09/12 10:59 a.m.5 views

CVE-2016-6395

Cross-site scripting XSS vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz58658...

5.4CVSS5.9AI score0.01104EPSS
Exploits0References3
NVD
NVD
added 2016/09/12 10:59 a.m.18 views

CVE-2016-6394

Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503...

9.1CVSS9.1AI score0.01448EPSS
Exploits0References3
Rows per page
Query Builder